PT-2005-3848 · Unknown · Simplecdr-X
Published
2005-09-21
·
Updated
2008-09-05
·
CVE-2005-3012
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SimpleCDR-X version 1.3.3
Description
The issue concerns the MasterDataCD::createImage function in masterdatacd.cpp, which creates the .temp temporary directory with insecure permissions. This allows local users to read sensitive ISO images.
Recommendations
For SimpleCDR-X version 1.3.3, consider restricting access to the .temp directory until a patch is available. As a temporary workaround, manually adjust the permissions of the .temp directory to prevent unauthorized access.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Simplecdr-X